Upon configuring Exchange CAS protocol monitoring, ActiveSync can return a 403 forbidden error.
This can be caused by a default ActiveSync mailbox policy applied to the test Exchange account forbidding Non-Provisionable Devices to issue ActiveSync requests.
This article explains how to create and apply an ActiveSync policy on the test Exchange account allowing ActiveSync requests.
GSX Monitor 10.1.0+ | Exchange 2010 & 2013
Symptoms
- The remote server returned an error: (403) Forbidden.
How to Solve the Issue
The probable cause for this issue is that a default ActiveSync policy is in place. Creating and applying a new ActiveSync policy to the test Exchange account for monitoring can resolve this.
Create a new ActiveSync policy:
- From your CAS server, open the Exchange Management Shell.
- Enter the following command:
- New-ActiveSyncMailboxPolicy -AllowNonProvisionableDevices:$true -Name ConnectivityTestsOnly
Apply the new policy to the test Exchange account:
- From your CAS server, open the Exchange Management Shell.
- Enter the following command, replacing username with the test Exchange account username:
- Set-CASMailbox username -ActiveSyncMailboxPolicy ConnectivityTestsOnly
CAS ActiveSync checks will now pass successfully.